You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The class `UnAuthenticatedServerOAuth2AuthorizedClientRepository` has no direct replacement. Usage of the class can be replaced with `AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager`.
427
+
428
+
== Add `@Configuration` to `@Enable*` annotations
429
+
430
+
In 6.0, all Spring Security's `@Enable*` annotations had their `@Configuration` removed.
431
+
While convenient, it was not consistent with the rest of the Spring projects and most notably Spring Framework's `@Enable*` annotations.
432
+
Additionally, the introduction of support for `@Configuration(proxyBeanMethods=false)` in Spring Framework provides another reason to remove `@Configuration` meta-annotation from Spring Security's `@Enable*` annotations and allow users to opt into their preferred configuration mode.
433
+
434
+
The following annotations had their `@Configuration` removed:
435
+
436
+
- `@EnableGlobalAuthentication`
437
+
- `@EnableGlobalMethodSecurity`
438
+
- `@EnableMethodSecurity`
439
+
- `@EnableReactiveMethodSecurity`
440
+
- `@EnableWebSecurity`
441
+
- `@EnableWebFluxSecurity`
442
+
443
+
For example, if you are using `@EnableWebFluxSecurity`, you will need to change:
444
+
445
+
====
446
+
.Java
447
+
[source,java,role="primary"]
448
+
----
449
+
@EnableWebFluxSecurity
450
+
public class SecurityConfig {
451
+
// ...
452
+
}
453
+
----
454
+
====
455
+
456
+
to:
457
+
458
+
====
459
+
.Java
460
+
[source,java,role="primary"]
461
+
----
462
+
@Configuration
463
+
@EnableWebFluxSecurity
464
+
public class SecurityConfig {
465
+
// ...
466
+
}
467
+
----
468
+
====
469
+
470
+
And the same applies to every other annotation listed above.
0 commit comments